36d3abecd18c85005ffb97914d5d1591 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36d3abecd18c85005ffb97914d5d1591
Size

544KB
MD5

36d3abecd18c85005ffb97914d5d1591
SHA1

33a9148fe59d41fe73ab06ca3feff0ca5d1aea0b
SHA256

1d9e051b2a1550737b2dc0fc0d34e42999e4c7d3b144abe7f94578d6afec7146
SHA512

24ca77204cb771135f31f0a7381f4e326dd9fd20eaf841845b9d400686daa9c948b24d2153f8bd273d4bbc69116d8143920b4fb3925c399ef69746c75ff56c30
SSDEEP

12288:l8i3VhDKalHjS/SLFkQpo0PlWYmv3tLtD0K:93zDK5qL5o0PkxvdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36d3abecd18c85005ffb97914d5d1591

Files

36d3abecd18c85005ffb97914d5d1591
.exe windows:4 windows x86 arch:x86

c974c22430d94373bdcb0b3e478e4be3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
GetEnvironmentVariableA
EnumResourceLanguagesA
FreeConsole
GetProcessId
GetStringTypeExA
CreateFileA
WritePrivateProfileStringA
GetFileAttributesA
LZCopy
HeapReAlloc
GetConsoleInputExeNameA
GetOEMCP
GetLocalTime
HeapAlloc
VirtualAllocEx
GetConsoleOutputCP
OutputDebugStringA
SetComputerNameExW
UpdateResourceA
WriteProfileSectionA
SetEndOfFile

advapi32

RegCloseKey
DuplicateToken

user32

SetWindowLongA
GetWindowContextHelpId
GetLastInputInfo
SetProcessWindowStation
FlashWindowEx
ScreenToClient
SetSystemCursor
SetWindowWord
CreateCaret
DialogBoxIndirectParamA
GetWindowTextA
GetUserObjectInformationA
SetSystemMenu
IsDlgButtonChecked
SetSysColors
GetLayeredWindowAttributes
MessageBoxA
CopyRect

Exports

Exports

Xhnfauevc
Otnchnhm
Jjfpwtmtofq
Phdglqt
InitNbaebgfdi
CreateRjmwlju

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 508KB - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ